{"id":"UBUNTU-CVE-2017-9604","details":"KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2, do not ensure that a plugin's sign/encrypt action occurs during use of the Send Later feature, which allows remote attackers to obtain sensitive information by sniffing the network.","modified":"2026-04-22T11:37:27.553055Z","published":"2017-06-13T13:29:00Z","upstream":["CVE-2017-9604"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2017-9604"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2017-9604"}],"affected":[{"package":{"name":"kdepim","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/kdepim@4:4.13.3-0ubuntu0.2?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:4.13.3-0ubuntu0.2"}]}],"versions":["4:4.11.2-0ubuntu1","4:4.11.2-0ubuntu2","4:4.11.80-0ubuntu1","4:4.11.95-0ubuntu1","4:4.11.97-0ubuntu1","4:4.12.0-0ubuntu1","4:4.12.1-0ubuntu1","4:4.12.2-0ubuntu1","4:4.12.3-0ubuntu1","4:4.12.90-0ubuntu1","4:4.12.90-0ubuntu2","4:4.12.95-0ubuntu1","4:4.12.97-0ubuntu1","4:4.13.0-0ubuntu1","4:4.13.1-0ubuntu0.1","4:4.13.2-0ubuntu0.1","4:4.13.3-0ubuntu0.1"],"ecosystem_specific":{"binaries":[{"binary_name":"akonadiconsole","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"akregator","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"blogilo","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kaddressbook","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kaddressbook-mobile","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kalarm","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kde-config-pimactivity","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kdepim","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kdepim-kresources","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kdepim-mobile","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kdepim-mobileui-data","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kdepim-themeeditors","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kjots","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kleopatra","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kmail","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kmail-mobile","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"knode","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"knotes","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"konsolekalendar","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"kontact","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"korganizer","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"korganizer-mobile","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"ktimetracker","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"ktnef","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libcalendarsupport4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libcomposereditorng4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libeventviews4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libgrammar4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libincidenceeditorsng4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libkdepim4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libkdepimdbusinterfaces4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libkdepimmobileui4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libkdgantt2-0","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libkleo4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libkmanagesieve4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libkpgp4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libksieve4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libksieveui4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libmailcommon4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libmailimporter4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libmessagecomposer4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libmessagecore4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libmessagelist4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libmessageviewer4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libnoteshared4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libpimactivity4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libpimcommon4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libsendlater4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"libtemplateparser4","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"notes-mobile","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"storageservicemanager","binary_version":"4:4.13.3-0ubuntu0.2"},{"binary_name":"tasks-mobile","binary_version":"4:4.13.3-0ubuntu0.2"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-9604.json"}},{"package":{"name":"kdepim","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/kdepim@4:15.12.3-0ubuntu1.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4:15.12.3-0ubuntu1.1"}]}],"versions":["4:15.08.2-0ubuntu1","4:15.12.1-1ubuntu6","4:15.12.3-0ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_name":"accountwizard","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"akonadiconsole","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"akregator","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"blogilo","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"kaddressbook","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"kalarm","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"kdepim","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"kdepim-themeeditors","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"kleopatra","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"kmail","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"knotes","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"konsolekalendar","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"kontact","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"korganizer","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"ktnef","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5calendarsupport5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5composereditorng5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5eventviews5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5followupreminder5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5gravatar5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5incidenceeditorsng5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5kdepimdbusinterfaces5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5kdgantt2-5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5kmanagesieve5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5ksieve5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5ksieveui5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5libkdepim5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5libkleo5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5mailcommon5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5mailimporter5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5messagecomposer5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5messagecore5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5messagelist5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5messageviewer5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5noteshared5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5pimcommon5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5sendlater5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"libkf5templateparser5","binary_version":"4:15.12.3-0ubuntu1.1"},{"binary_name":"storageservicemanager","binary_version":"4:15.12.3-0ubuntu1.1"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2017/UBUNTU-CVE-2017-9604.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]}